package com.sso.auth.controller;

import com.sso.auth.service.CustomUserDetailsService;
import com.sso.common.entity.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.HashMap;
import java.util.Map;

/**
 * 用户信息控制器
 * 处理 OAuth2 /userinfo 端点请求
 * 
 * @author SSO System
 * @since 2024-01-01
 */
@RestController
public class UserInfoController {

    @Autowired
    private CustomUserDetailsService userDetailsService;

    /**
     * 获取用户信息（OIDC userinfo 端点）
     * 
     * @return 用户信息
     */
    @GetMapping("/userinfo")
    public Map<String, Object> userInfo() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        Map<String, Object> userInfo = new HashMap<>();

        if (authentication != null && authentication.getPrincipal() instanceof Jwt jwt) {
            // 从 JWT 中获取用户信息
            String username = jwt.getClaimAsString("sub");
            
            // 从数据库获取完整用户信息
            User user = userDetailsService.getUserByUsername(username);
            
            if (user != null) {
                userInfo.put("sub", user.getUsername());
                userInfo.put("preferred_username", user.getUsername());
                userInfo.put("name", user.getFullName());
                userInfo.put("given_name", user.getFullName());
                userInfo.put("family_name", "");
                userInfo.put("email", user.getEmail());
                userInfo.put("email_verified", true);
                userInfo.put("phone_number", user.getPhone());
                userInfo.put("phone_number_verified", true);
                userInfo.put("profile", "");
                userInfo.put("picture", "");
                userInfo.put("website", "");
                userInfo.put("gender", "");
                userInfo.put("birthdate", "");
                userInfo.put("zoneinfo", "Asia/Shanghai");
                userInfo.put("locale", "zh-CN");
                userInfo.put("updated_at", System.currentTimeMillis());
                
                // 添加自定义字段
                userInfo.put("department", user.getDepartment());
                userInfo.put("authorities", user.getAuthorities());
                userInfo.put("id", user.getId());
            }
        } else if (authentication != null) {
            // 处理普通认证（非JWT）
            String username = authentication.getName();
            User user = userDetailsService.getUserByUsername(username);
            
            if (user != null) {
                userInfo.put("sub", user.getUsername());
                userInfo.put("preferred_username", user.getUsername());
                userInfo.put("name", user.getFullName());
                userInfo.put("given_name", user.getFullName());
                userInfo.put("family_name", "");
                userInfo.put("email", user.getEmail());
                userInfo.put("email_verified", true);
                userInfo.put("phone_number", user.getPhone());
                userInfo.put("phone_number_verified", true);
                userInfo.put("profile", "");
                userInfo.put("picture", "");
                userInfo.put("website", "");
                userInfo.put("gender", "");
                userInfo.put("birthdate", "");
                userInfo.put("zoneinfo", "Asia/Shanghai");
                userInfo.put("locale", "zh-CN");
                userInfo.put("updated_at", System.currentTimeMillis());
                
                // 添加自定义字段
                userInfo.put("department", user.getDepartment());
                userInfo.put("authorities", user.getAuthorities());
                userInfo.put("id", user.getId());
            }
        }

        return userInfo;
    }
}